Advanced search

Why the U.S. needs more cyber translators

By Michael J. Gaynor
Mike Austin

In February 2016, a few months after two perpetrators walked into an office holiday party in San Bernardino, Calif., and killed 14 people, a federal magistrate judge ordered Apple to allow the FBI into one of the shooter’s locked iPhone. The Justice Department had made the request to investigate potential terrorism connections. Apple argued that bypassing the phone’s security functions would be effectively creating a master key to break into any iPhone, anywhere.

This dispute set off a tense courtroom standoff between the FBI and Apple, and exposed a wide gulf that pitted parts of the government against the tech community on issues of encryption, civil liberties, and law enforcement in the digital world.

At the core of the debate was an issue of technical understanding. The security processes being discussed are complex, and the highest decision-makers in government couldn’t be expected to have a nuanced grasp of the mathematics of encryption.

With this in mind, the Obama administration held a series of meetings with Ed Felten, who just started his term as the White House’s deputy chief technology officer. On leave from his computer-science teaching duties at Princeton University, Felten’s job was to bring his technical expertise to bear in Obama administration policies.

Cyber translators are a vital component in ensuring smart, effective policy in an intricately wired world.

This intersection between government and tech experts is colloquially referred to as “cyber translation.” It’s the idea of people, i.e., “translators,” branching out from various sectors of government, academia, law, business and media to exchange knowledge and views of technological issues and how they affect law and policy. These sectors frequently disagree, and fundamental concepts of how things work often get lost in translation between stakeholders. Cyber translators are a vital component in ensuring smart, effective policy in an intricately wired world.

When Felten sat down with White House officials to talk through the concept of encryption at the heart of the Apple/FBI debate, he provided not just technical expertise, but strategies to accurately share technical details with people who don’t have that background. He favored a set of hand-drawn diagrams, and used hypothetical characters to narrate a story that explained the vital components of digitally encrypted communications.

While the legal drama between Apple and the FBI ended in a semi-stalemate, with agency officials gaining entry to the phone without help from the company, Felten saw his translation work as key in helping decisions-makers better understand the forces they were dealing with. The Obama administration chose not to pursue legislation that could force phone manufacturers to provide back-door access for law enforcement, and all the unintended consequences that come with it.

2017 recorded the highest-ever number of data breaches against companies and government agencies — 1,579 in total, an increase of 45% over the previous year, according to the Identity Theft Resource Center. Last year, a major hack at the credit-reporting company Equifax alone exposed personal information for over 145 million people. Without collaboration between government and technical experts who know how to respond and mitigate these attacks, the problem is only bound to get worse.

“If they don’t have that expertise available, then they’re flying blind,” said Felten. “They don’t have the information they need to make an informed decision, and you can end up choosing policies that have a lot of harmful effects.”

Different languages, distinctive cultures

The need for a cross-pollination of expertise has been apparent for some time, said Susan Hennessey, a former lawyer at the National Security Agency who’s now a Brookings Institution fellow and executive editor of the national security blog Lawfare.

“I think for a long time, there has been a belief that there was a way to create somebody who knew all of it,” says Hennessey. “You could get someone who had a computer science degree and a law degree and a really astute policy understanding.” But developing that sort of deep expertise in every area proved to be an incredibly rare ability. “So we were going to have to start figuring out a better way for these different disciplines to start talking to one another,” she said.

Travis Moore witnessed this discrepancy firsthand as a legislative director for California congressman Henry Waxman. He recalls roaming the halls of Capitol Hill, searching for experts in Congressional offices who could explain to him the finer points of data privacy during a 2012 debate over the controversial Cyber Intelligence Sharing and Protection Act (CISPA). Out of the 12,000 staffers, he would later find out only five had any formal technical training. The only people he encountered with answers then were industry lobbyists, who were more than willing to help — as long as the information advanced their clients’ positions.

Cyber Initiative: 2014 – 2023
Renewing our commitment to the Cyber Initiative

Today, Moore runs TechCongress, a grantee of the Hewlett Foundation’s Cyber Initiative, which aims to build a more capable cyber policy field to solve pressing challenges in society. TechCongress runs a fellowship that places technical experts into the legislative branch. Fellows work with senators, representatives, and committee staff to explain the finer points of difficult technical topics they can’t be expected to master, topics such as election hacking, online privacy debates, and the specter of foreign cyberattack that are at the heart of some of the nation’s most pressing problems.

“These people need to be in the building,” says Moore.

The Apple-FBI feud wasn’t Ed Felten’s first rodeo in government. Appointed as the first ever chief technologist for the Federal Trade Commission’s in 2011, he said that the move from academia to Washington was similar to moving to a new country. “I felt like that I had to learn the customs and the language and how people do things there,” said Felten, now the director of Princeton’s Center for Information Technology Policy.

It was a gap that extended beyond just government’s love for acronyms and academia’s affinity for technical jargon, into how the two sectors tackled problems. “Between academia and government, people are interested in a lot of the same issues,” said Felten. “But they have different requirements they need to meet. Academics want to understand something and are willing to spend as much time as it takes to do that. Whereas in government it’s much more about making decisions and preparing for different contingencies…You don’t have the luxury of spending time.”

Travis Moore noticed a similar disconnect when he moved out to the Bay Area to start TechCongress. Silicon Valley giants and billionaire entrepreneurs, accustomed to throwing money at problems until they were fixed, thought they could do the same in Washington in order to upend politics-as-usual and fix policy problems in their own way. “I think tech thinks so simplistically about government,” said Moore. Their initiatives, designed to “disrupt” DC from the top down, often miss the fact that the real currency of politics is relationships, he said, and it may be some mid-level bureaucrat or freshman representative who are the true nodes of power in any given issue.

Translators who have worked in government, business and academia say that these conflicting methodologies often leads to the stakeholders from each group taking on different terms, indifferent to the concerns of one group over a piece of legislation or policy.

“A lot of the biggest controversies and things that have been the most challenging or traumatic for the agency have been moments in time when the lawyers and technologists were speaking past one another,” said Hennessey, drawing from her time as a lawyer at the NSA dealing with hot-button tech issues from within government. “There were two sides that were both saying the same words but had a different understand of what those words meant. And that can lead to really significant problems.”

Policies on drones and driverless cars

Two breakthroughs illustrate the different outcomes that can result with or without a translator in the room.

In recent years, off-the-shelf drones have become more capable and less expensive, advances propelled by a Silicon Valley move-fast-and-break-things mentality. But that progress inevitably bumped up against the federal government, and the Federal Aviation Administration’s longstanding safety regulations about what can and cannot roam U.S. skies.

“So you had this technology that was developing rapidly, but there were laws on the books that were basically written for a world in which an aircraft was an expensive thing that was piloted by a very well-trained person onboard,” said Felten.

The FAA began regulating drones in much the same way they historically regulated aircraft. Many drone enthusiasts and companies complained that this was unnecessarily burdensome, applying old rules to new creations and hampering innovation. But the FAA had a point, too: drones could cause damage if flown improperly, colliding into planes or dropping out of the sky into a crowd of people.

There were benefits to both sides working together, expanding the opportunities for drones while updating safety regulations for a new era. But, according to Felten, without translators who understood each side’s perspective, the stakeholders were slow to agree on a path forward.

Contrast that with federal policy toward driverless cars. On the surface, it’s the same issue: a nascent technology with potentially huge benefits, but one that raises safety issues that fall under the oversight of a traditionally minded government agency, in this case, the National Highway Traffic Safety Administration.

An automated vehicle taking a test drive on the streets of Pittsburgh. (Credit: Jeff Swensen for The Washington Post via Getty Images)

“One thing that was different about self-driving cars is that these tech people did a good job of making a case that this technology would help safety in the long run,” said Felten. In other words, the automated vehicle companies recognized the frame through which the NHTSA operated – safety — and made pains to address that upfront.

“Every conversation about auto-safety starts with the statistic that 36,000 people are killed on the highway every year,” said Felten. “What was able to happen in the self-driving car space is that people could agree that safety was a primary goal for everyone, and the conversation was about how to make it happen.”

As a result, both the Obama and Trump administrations have released forward-looking automated vehicle policies, while Congress mulls legislation. Unlike drones, where progress has practically grinded to a halt, driverless cars illustrate an area where a groundbreaking yet potentially dangerous technology is receiving smart, careful treatment in the policymaking process due to effective translators who recognized how to bridge the divide between government and technology.

Learning to speak like a Washingtonian

It might sound like issues of cyber translation are simply a matter of old, stodgy government getting in the way of technology and innovation. But people outside of government can be just as stuck in their habits, unable to evolve their thinking.

Jonathan Mayer is a Ph.D. candidate in computer science at Stanford University who recently concluded a fellowship bringing those technical credentials to government. Starting at the FCC, and later at Sen. Kamala Harris’s office, he’s seen dozens of academics like him try to make a policy impact on a tech issue important to them — and fail completely.

“A significant disconnect is how breathtakingly bad most academics are at persuading the government to view things their way,” said Mayer. “There is this real tendency among academics — who are genuine leaders in their field — to show up in Washington, give a quasi-academic presentation, and then leave thinking they’d really done something important. And that’s just not how it works.”

Time and again, Mayer has seen academics struggle to influence policy despite being some of the best minds in that field. He’s seen them file their comments in the wrong docket, and never be heard. He’s seen them choose the wrong vehicle to try to exert influence, confusing rulemaking with legal briefs or law drafting and other legislative stages. He’s seen them send a copy of their latest academic paper, with no in-person follow-up or phone call, just relying on a simple mailer to get their scholarly ideas across. “And pretty much no one here in Washington reads academic papers,” said Mayer.

The government loves its acronyms, lawyers love to cite code and statutes. You’ve got to step back to see what the pieces that need to be explained are.

-- Susan Hennessey, executive editor of Lawfare and Brookings Institution fellow

And like Travis Moore at TechCongress, Mayer consistently saw this disconnect be filled by lobbyists, professionals who were experts at speaking Washington’s language. They would be invited back again and again to advise agencies and members of Congress on technical topics, however biased that advice might be.

“It’s all understandable — where would you learn to do government relations if you spent all of your time publishing pure science research or writing software?” said Mayer. He sees a need for programs that teach this sort of translation to academics on how to get their ideas across in government, training on the fundamentals of how to connect with federal agencies or Congress and make sure the decision makers are listening.

“The very basic requirements for interacting in Washington are just generally not being met by academics trying to participate here,” he said.

For technical experts who find themselves in a position to lend expertise to policymakers, they might encounter new roadblocks. The most obvious — how can one accurately explain high-level tech concepts to a lay audience? The key, translators say, is to know what to leave out.

“If you get someone fresh out of a computer science program to try to explain Internet architecture or encryption, they would give you the most detailed, technical answer about mathematics and DNS and everything you didn’t need to know,” said Ashkan Soltani, an independent tech researcher who succeeded Ed Felten as the Federal Trade Commission’s chief technologist in 2014. He prefers using tactics like metaphors and narratives to frame the concepts in ways a neophyte can understand.

But even this needs care. For instance, is sending an email more analogous to making a phone call, over a secure line, or shouting out your window, where it could potentially be overheard? “The metaphor you use and the way you describe it often will dictate how people who aren’t familiar with the technology will view it, and what protections or limits exist with it,” said Soltani.

The difficulty of deciphering institutional vocabulary goes both ways. “The government loves its acronyms, lawyers love to cite code and statutes,” said Hennessey, explaining that technologists aren’t the only ones who speak in their own coded language. “You’ve got to step back to see what the pieces that need to be explained are.”

Bridging gaps to shape a safe future

The route to becoming a translator in the first place isn’t very easy. Without many programs or degrees that allow someone a foothold into a new sector, it’s difficult to gain enough experience to be effective as a translator. Technologists or academics in their early or mid-career find it more difficult to branch out, and risk stalling progress in their original track. Nor are there enough stakeholders in various sectors who openly advertise their need for such work.

“We don’t slot in very easily to a particular role,” said Soltani. “Most firms don’t have an opening for a technology translator. There’s no title for people like me.”

In government, there’s also an issue of trust when it comes to bringing in outside people for tech expertise. Washington influencers are protective of their turf, and may be reluctant to hand over important decisions to a translator who might only be in the office on a temporary basis. Jonathan Mayer knows technologists in short-term DC fellowships who are consistently left out of their office’s org chart and derisively referred to as “the Christmas help.”

“Starting something new is hard,” said Travis Moore. “Especially in government, which is incredibly risk-averse to bringing in new ideas of modes of operating. It’s a very conservative culture in how it thinks about change.”

I’ve done two tours of duty in government, and both times I’ve come out with a substantially changed view of what I should be doing as an academic.

-- Ed Felten, professor of computer science and public affairs at Princeton University

“I’ve done two tours of duty in government,” said Felten, “and both times I’ve come out with a substantially changed view of what I should be doing as an academic.” In other words, his work as a translator didn’t just bring technical expertise to the government — he was then able to bring knowledge learned while in government back to academia. Felten is currently researching artificial intelligence’s impact on jobs and the economy, an angle he would’ve never thought to focus on before seeing firsthand how worried it made people in the White House.

“We know that communities tend to only talk to one another — legislators talking to legislators, academics talking to academics,” said Hennessey. Lawfare, which she works on, is one forum that tries to bring those groups together. It’s another form of translation where readers can have a jargon-free conversation on topics that would previously have only been addressed in lengthy law review articles or academic papers.

Cyber translation is a hugely important role as technology impacts our laws and society more and more each day. Through those translators each side can listen to the other — technologists can explain what will really be the impact of a piece of tech legislation, government can influence what ideas academics should be putting thought into, and so on. By bridging the divide between stakeholders, these sectors can together shape a smart, safe technological future.

 

Editor’s note: Michael J. Gaynor is a freelance writer based in Washington, DC. He can be reached at michaeljgaynor@gmail.com.

Tags

MORE STORIES

Cyber Initiative: 2014 – 2023
A threat like none other: The development of cybersecurity policy and the role of the Hewlett Foundation
Cyber Initiative: 2014 – 2023
Covering Cyber: Media Coverage of Cyber Issues 2020-2023 Update
Cyber Initiative: 2014 – 2023
A Comparative Study of Interdisciplinary Cybersecurity Education

Search Our Grantmaking

By Program
  1. Education 
  2. Environment 
  3. Gender Equity and Governance 
  4. Performing Arts 
  5. U.S. Democracy 
  6. Economy and Society 
  7. Effective Philanthropy 
  8. Racial Justice 
  9. SF Bay Area 
  10. Special Projects 
By Keyword